The new two-factor system works like this. A user enrolls using the mobile app, which generates a 2048-bit RSA keypair. The private key lives on the phone itself, and the public key is uploaded to Twitter's server.

When Twitter receives a new login request with a username and password, the server sends a challenge based on a 190-bit, 32 character random nonce, to the mobile app — along with a notification that gives the user the time, location, and browser information associated with the login request. The user can then opt to approve or deny this login request. If approved, the app replies to a challenge with its private key, relays that information back to the server. The server compares that challenge with a request ID, and if it authenticates, the user is automatically logged in.

Think that's clever? Wait until you read the solution for how it does it when you don't have your phone.

Global shipments of the second-generation Nexus 7 through the end of 2013 are estimated at 3.5m, mainly because the model will not be launched in the China market and there is competition from other 7in tablets, according to sources with Taiwan's supply chain.

The sources pointed out that the new Nexus 7 is unable to enter the China market due to Google's decision to quit the China market in 2010 after the US company refused to comply with some of China government's Internet policies.…

The first-generation Nexus 7 has shipped 6m units in total so far since it was launched in July 2012.

The Chinese government bit seems a bit odd - was China ever a target for the N7? - but Digitimes tends to be right on Taiwan-based gossip. Remember that it was one of the first to point to the Surface being a slow seller.

A $1.5m cyberheist against a California escrow firm earlier this year has forced the company to close and lay off its entire staff. Meanwhile, the firm's remaining money is in the hands of a court-appointed state receiver who is preparing for a lawsuit against the victim's bank to recover the stolen funds.

The heist began in December 2012 with a roughly $432,215 fraudulent wire sent from the accounts of Huntington Beach, Calif. based Efficient Services Escrow Group to a bank in Moscow.

I stated in my last post that the industry is going to go through yet another display ratio change over the next year or so. For years we've had 4:3 "square" displays. These have all but disappeared from the market as the current standard is 16:10 "wide." The industry is about to move yet again to true 16:9 wide. This means that the ratio of your PC display will match that of your HDTV. This change won't happen overnight, but will phase in gradually. In fact, it's already started. Many of the newest consumer notebooks, especially in the 15" class, now sport the more rectangular 16:9 display. If you pay attention to this sort of thing, then you'll notice that your display gets shorter yet again vertically. For manufacturers, this makes it easier to put full size keyboards inside their notebooks (though most won't). Again, we can thank the LCD manufacturers for this change. By cutting everything in the same aspect ratio, they have less waste per large sheet of glass.

Hope you didn't think the change was driven by customer demand. (It's a fascinating blogpost with detail about minimum order quantities too.)

Pointing out that the NSA is believed to control a number of Tor (anonymity) servers:

By default, Tor chooses three hops: the ingress point, the egress point, and only a single in-between node. If the NSA is able to control one or two of these nodes, you are still okay because the third node will protect you. But, if the NSA is able to control all three, then your connection is completely unmasked.

This means that the NSA occasionally gets lucky, when somebody's connection hits three NSA nodes, allowing them to unmask the user.

Update: If we assume the NSA controls 1% of Tor nodes, that comes out to one-in-a-million chance the NSA will unmask somebody on any random connection. If a million connections are created per day, that means the NSA unmasks one person per day.

The last calculation is wrong, of course. There's about a 66% chance that one person will be unmasked each day. (It's 1 - (0.999999)^1000000.)

To understand a broad topic, sometimes you need more than a quick answer. Our research indicates perhaps 10% of people's daily information needs fit this category - topics like stem cell research, happiness, and love, to name just a few. That's why over the next few days we'll be rolling out a new feature to help you find relevant in-depth articles in the main Google Search results.